package com.bstek.security.controller;

import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;

/**
 * @author Derek.Zhang
 * @Title:
 * @Package
 * @Description:
 * @date 2020/3/3 16:21
 */
public class BigAuthServerConfiguration extends AuthorizationServerConfigurerAdapter {
	/**
	 * checkTokenAccess 权限设置为isAuthenticated，不然资源服务器 来请求403
	 * @param oauthServer
	 */
	@Override
	public void configure(AuthorizationServerSecurityConfigurer oauthServer) {
		oauthServer
				.allowFormAuthenticationForClients()
				.checkTokenAccess("isAuthenticated()");
	}
}